Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
M
Cross-site Scripting (XSS)
Affects
silverstripe/framework
| Versions
>=3.1.0, <3.1.10-rc1
M
Origin Validation Error
CVE-2026-55767
Affects
guzzlehttp/guzzle
| Versions
<7.12.1
L
Cross-site Scripting (XSS)
CVE-2026-50183
Affects
wwbn/avideo
| Versions
>=0.0.0
H
Insufficient Verification of Data Authenticity
CVE-2026-47696
Affects
wwbn/avideo
| Versions
>=0.0.0
M
Cross-site Scripting (XSS)
CVE-2026-47694
Affects
wwbn/avideo
| Versions
>=0.0.0
H
Cross-site Scripting (XSS)
CVE-2026-54458
Affects
wwbn/avideo
| Versions
>=0.0.0
M
Cross-site Scripting (XSS)
Affects
silverstripe/framework
| Versions
>=3.1.0, <3.1.10-rc1
M
Cross-site Scripting (XSS)
CVE-2026-50182
Affects
wwbn/avideo
| Versions
>=0.0.0
M
Incorrect Authorization
Affects
silverstripe/framework
| Versions
>=3.0.0, <3.0.14
>=3.1.0, <3.1.13
M
Cross-site Request Forgery (CSRF)
Affects
silverstripe/framework
| Versions
<3.1.17-rc2
>=3.2.0-beta1, <3.2.2-rc2
>3.3.0-beta1, <3.3.0-rc3
H
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Affects
silverstripe/framework
| Versions
<3.1.12
M
Missing Authorization
Affects
silverstripe/framework
| Versions
<3.1.17-rc2
>=3.2.0-beta1, <3.2.2
>3.3.0-beta1, <3.3.0-rc3
M
Cross-site Scripting (XSS)
CVE-2026-48157
Affects
slim/slim
| Versions
>=4.4.0, <4.15.2
L
Cross-site Scripting (XSS)
Affects
silverstripe/framework
| Versions
<3.0.13
>=3.1.0, <3.1.12
H
Insufficient Granularity of Access Control
CVE-2026-47366
Affects
phpbb/phpbb
| Versions
>=3.3.0, <3.3.17
M
SQL Injection
CVE-2026-48613
Affects
phpbb/phpbb-core
| Versions
>=3.3.8, <3.3.17
M
Cross-site Request Forgery (CSRF)
CVE-2026-48612
Affects
phpbb/phpbb-core
| Versions
>=3.3.0, <3.3.17
C
Missing Authentication for Critical Function
CVE-2026-48611
Affects
phpbb/phpbb-core
| Versions
>=3.3.0, <3.3.17
H
Improper Neutralization of Special Elements Used in a Template Engine
CVE-2026-11407
Affects
pimcore/pimcore
| Versions
<2026.1.6
M
CRLF Injection
CVE-2026-55766
Affects
guzzlehttp/psr7
| Versions
<2.12.1
M
User Impersonation
Affects
silverstripe/framework
| Versions
>=3.1.0, <3.1.17-rc2
>=3.2.0, <3.2.2-rc2
>=3.3.0-beta1, <3.3.0-rc3
M
Access Control Bypass
CVE-2026-50886
Affects
grumpydictator/firefly-iii
| Versions
>=0.0.0
M
Cross-site Scripting (XSS)
Affects
spatie/schema-org
| Versions
>=3.23.1, <3.23.2
>=4.0.0, <4.0.2
H
Allocation of Resources Without Limits or Throttling
CVE-2026-49209
Affects
symfony/ux-live-component
| Versions
>=2.5.0, <2.36.0
>=3.0.0, <3.1.0
M
Cross-site Scripting (XSS)
CVE-2026-49210
Affects
symfony/ux-live-component
| Versions
>=2.8.0, <2.36.0
>=3.0.0, <3.1.0
C
Improper Verification of Cryptographic Signature
CVE-2026-49212
Affects
symfony/ux-live-component
| Versions
>=2.8.0, <2.36.0
>=3.0.0, <3.1.0
L
Cross-site Request Forgery (CSRF)
CVE-2026-49215
Affects
symfony/ux-live-component
| Versions
>=2.22.0, <2.36.0
>=3.0.0, <3.1.0
L
Improper Validation of Unsafe Equivalence in Input
CVE-2026-49208
Affects
symfony/ux-live-component
| Versions
>=2.8.0, <2.36.0
>=3.0.0, <3.1.0
M
Missing Authorization
CVE-2026-47349
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-11607
Affects
typo3/cms-form
| Versions
<13.4.31
>=14.0.0, <14.3.3